service worker: Don't control a subframe of an insecure context

third_party/WebKit/Source/platform/weborigin/SecurityOrigin.h

 /*
  * Copyright (C) 2007, 2008 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  *
  * 1.  Redistributions of source code must retain the above copyright
  *     notice, this list of conditions and the following disclaimer.
  * 2.  Redistributions in binary form must reproduce the above copyright
@@ skipping 123 matching lines @@
     // Returns true if |document| can display content from the given URL (e.g.,
     // in an iframe or as an image). For example, web sites generally cannot
     // display content from the user's files system.
     bool canDisplay(const KURL&) const;
 
     // Returns true if the origin loads resources either from the local
     // machine or over the network from a
     // cryptographically-authenticated origin, as described in
     // https://w3c.github.io/webappsec/specs/powerfulfeatures/#is-origin-trustworthy.
     bool isPotentiallyTrustworthy() const;
+    bool isPotentiallyTrustworthy(String* errorMessage) const;
 
     // Returns a human-readable error message describing that a non-secure origin's access to a feature is denied.
     static String isPotentiallyTrustworthyErrorMessage();
 
     // Returns true if this SecurityOrigin can load local resources, such
     // as images, iframes, and style sheets, and can link to local URLs.
     // For example, call this function before creating an iframe to a
     // file:// URL.
     //
     // Note: A SecurityOrigin might be allowed to load local resources
@@ skipping 129 matching lines @@
     bool m_universalAccess;
     bool m_domainWasSetInDOM;
     bool m_canLoadLocalResources;
     bool m_blockLocalAccessFromLocalOrigin;
     bool m_isUniqueOriginPotentiallyTrustworthy;
 };
 
 } // namespace blink
 
 #endif // SecurityOrigin_h